Standardizing VOD CDN Backsource Architecture: Issues, Strategies, and Optimizations

Background & Problems

The company has used multiple CDN vendors for video on demand (VOD) services. Different vendors have varying back‑source mechanisms, line capacities, and storage models (full‑mirror vs. image storage). When traffic is switched or a dedicated line recovers, the upstream line and UPOS origin experience high pressure. Vendor back‑source strategies are often opaque, making fault diagnosis and remediation inefficient.

Case Study of Back‑source Failure

During a failure, several vendor lines experienced sudden bandwidth spikes. Lack of fine‑grained line monitoring and inability to perform CDN traffic throttling (to avoid avalanche effects) resulted in slow fault localization and mitigation.

Back‑source Architecture Analysis

Two common back‑source patterns were identified:

After a user requests a fragment, the system waits for the entire file to be fetched from the origin before returning the fragment, causing playback delay.

When fetching a fragment, the whole file is synchronously pulled, dramatically increasing back‑source bandwidth and stressing the origin.

Optimization方案

The proposed standardization includes:

Prioritize synchronous fragment back‑source to reduce playback latency.

Statistically assess fragment request frequency to classify video files as hot or cold.

For hot files, perform full‑file synchronous pull to reduce repeated fragment bandwidth.

For cold files, queue full‑file back‑source for off‑peak download, avoiding peak‑time pressure.

Apply flow‑control throttling on full‑file downloads.

In extreme line outages, stop asynchronous full‑file back‑source and proactive distribution, ensuring synchronous fragment back‑source continues over the public network.

Monitoring Dependency Optimization

Designed real‑time monitoring of vendor back‑source strategies and bandwidth classification, enabling rapid identification of abnormal back‑source types and eliminating the “black‑box” nature of vendor policies.

Commercial CDN Storage Bucket Scheme

Decoupling CDN from storage introduces two benefits: (1) leveraging dedicated line and gateway capacity for seamless vendor switching during CDN failures, and (2) reducing business costs while improving traffic‑shifting efficiency. The solution includes bucket‑based handling for full‑mirror vendors, resource demand estimation for line capacity, temporary storage, and gateway requirements, and coordinated resource expansion with procurement and network teams.

Back‑source Security Optimization

Introduced OSIG authentication to protect origin servers. While CDN and public‑network authentication use UPSIG, exposing the origin’s public address poses security risks. OSIG adds an extra signature on CDN back‑source, separating CDN authentication from origin authentication and safeguarding the origin.

Conclusion & Outlook

The back‑source standardization effort spanned several months, iteratively evolving to address numerous challenges. The solution is now partially implemented and moving toward the expected goals. Future work will continue to optimize resources from an operations perspective, aiming for more stable and reliable VOD CDN services.